Node.js Auth0 userinfo请求无法处理
我正在尝试使用Auth0作为中介对GitHub进行身份验证调用 我是按照指南来做的,但是到了第二步。在获取用户id时,我遇到了/userinfo端点的问题Node.js Auth0 userinfo请求无法处理,node.js,access-token,auth0,alexa-skills-kit,Node.js,Access Token,Auth0,Alexa Skills Kit,我正在尝试使用Auth0作为中介对GitHub进行身份验证调用 我是按照指南来做的,但是到了第二步。在获取用户id时,我遇到了/userinfo端点的问题 const rp = require('request-promise') const auth0_options = { method: 'POST', url: 'https://MY_DEV_ID/oauth/token', headers: {'content-type': 'application/x-www-form-urlen
const rp = require('request-promise')
const auth0_options = {
method: 'POST',
url: 'https://MY_DEV_ID/oauth/token',
headers: {'content-type': 'application/x-www-form-urlencoded'},
form: {
grant_type: 'client_credentials',
client_id: 'MY_CLIENT_ID',
client_secret: 'MY_CLIENT_SECRET',
audience: 'https://MY_DEV_ID/api/v2/'
}
};
const auth0_result = JSON.parse(await rp(auth0_options));
const access_token_one = auth0_result.access_token;
然后,我尝试调用userinfo端点,如中所述
但这个不起作用,它返回一个空对象,我认为这是因为它未经授权
我在这里查阅了许多关于/userinfo的问题,但发现在所有情况下,我发现问题都是我已经解决的(令牌、观众等)
编辑:
我尝试使用的auth0 api的openid配置:
scopes_supported": [
"openid",
"profile",
"offline_access",
"name",
"given_name",
"family_name",
"nickname",
"email",
"email_verified",
"picture",
"created_at",
"identities",
"phone",
"address"
],
"response_types_supported": [
"code",
"token",
"id_token",
"code token",
"code id_token",
"token id_token",
"code token id_token"
],
好的,很明显,您在我的
auth0\u结果中得到的access令牌
不是userinfo
的当前令牌,它需要不同的令牌。我使用alexa技能运行此代码,我的初始访问令牌
来自设置过程中的帐户链接
对于遇到此问题的任何人,以下是最终可行的解决方案:
(我的解决方案是针对amazon alexa的,但经过一些更改,它应该适用于您尝试连接的任何站点)
在此之后,attributes.token将包含一个访问令牌,您可以使用该令牌在GitHub上对自己进行身份验证(在auth0上将令牌过期时间设置为最大(30天),或存储刷新令牌以供以后使用),例如http请求:
function customhttpgetrequest(url, attributes){
const customHeaderRequest = request.defaults({
headers: {
'User-Agent': attributes.loggedInUser,
'Authorization': 'Bearer ' + attributes.token
}
})
return new Promise((resolve, reject) => {
customHeaderRequest.get(url, (error, response, body) => {
if (error) {
return reject(error)
}
resolve(JSON.parse(body)); /*simply resolve(body) should work aswell, not sure why i parse it here*/
})
})
}
let attributes = handlerInput.attributesManager.getSessionAttributes();
attributes.loginToken = handlerInput.requestEnvelope.context.System.user.accessToken;
login_options = {
method: 'GET',
uri: '{YOUR_AUTH0_TENANT_ID}/userinfo',
headers : {
Authorization : 'Bearer ' + attributes.loginToken,
}
};
const login_result = JSON.parse(await rp(login_options));
attributes.loggedInUser = login_result.nickname;
const auth0_options = {
method: 'POST',
url: '{YOUR_AUTH0_TENANT_ID}/oauth/token',
headers: {'content-type': 'application/x-www-form-urlencoded'},
form: {
grant_type: 'client_credentials',
client_id: '{AUTH0_APPLICATION_CLIENT_ID}',
client_secret: '{AUTH0_APPLICATION_CLIENT_SECRET}',
audience: '{YOUR_AUTH0_TENANT_ID}/api/v2/',
}
};
const auth0_result = JSON.parse(await rp(auth0_options));
const access_token_one = auth0_result.access_token;
const github_options = {
method: 'GET',
url: `{YOUR_AUTH0_TENANT_ID}/api/v2/users/${login_result.sub}`,
headers : {'authorization' : 'Bearer ' + access_token_one}
};
const github_result = JSON.parse(await rp(github_options));
attributes.token = github_result.identities[0].access_token;
handlerInput.attributesManager.setSessionAttributes(attributes);
function customhttpgetrequest(url, attributes){
const customHeaderRequest = request.defaults({
headers: {
'User-Agent': attributes.loggedInUser,
'Authorization': 'Bearer ' + attributes.token
}
})
return new Promise((resolve, reject) => {
customHeaderRequest.get(url, (error, response, body) => {
if (error) {
return reject(error)
}
resolve(JSON.parse(body)); /*simply resolve(body) should work aswell, not sure why i parse it here*/
})
})
}